CVE-2016-6253

mail.local in NetBSD versions 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows local users to change ownership of or append data to arbitrary files on the target system via a symlink attack on the user mailbox...

Дырка в mail.local (mail from: shell)

В некоторых системах mail.local наботает как sgid mail или suid root. Некорректная обработка LMTP-заголовка mail from: позволяет выполнение shell-кода...

vulnerability in mail.local

hi, mail.local is a little setuid root prog designed, like its name suggest, for local mail delivering. Used with the -l option, we have an interactive mode in lmtp protocol simplified smtp for local mail delivery only A weakness exists in the 'mail from' field that allow any local user to insert...